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CLAIMS 



WHAT IS CLAIMED : 



1. 



A method for providing security in a computer system, comprising: 



5 



identifying information for protection; 



indicating at least one physical address of a memory that houses the information as at 



least one of read and write disabled; 



receiving a request from a program to access the information; and 



accessing the information in response to determining that the program has the 
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authority to access the information. 



2. The method of claim 1 , wherein indicating at least one physical address of the 
= memory includes: 

1 generating a table based on the physical addresses of the memory; and 

■i 5 indicating in the table that the memory housing the information is at least one of read 

and write disabled. 

3. The method of claim 2, wherein the table is a bitmap based on physical 
addresses of the memory. 
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4. 



The method of claim 1, wherein the program is an operating system. 



5. The method of claim 1, wherein the information is at least one of interrupt 
descriptor table, global descriptor table, and local descriptor table. 
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6. The method of claim I, wherein accessing the information in response to 
determining that the program has the authority to access the information includes using a 
stack of the computer system to verify the identity of the program. 

7. A method for providing security, comprising: 

writing to at least one register to define a privileged memory region; 

defining at least one computer instruction as a privileged instruction, wherein the 

privileged instruction is resident in the privileged memory region; 
identifying information for protection; 

indicating at least one physical address of a memory that houses the information as at 

least one of read and write disabled; and 
controlling the access to the information using the privileged instruction. 

8. The method of claim 7, further including writing to a second register, wherein 
the first and second registers define the privileged memory region. 

9. The method of claim 7, wherein indicating at least one physical address of the 
memory includes: 

generating a table based on the physical addresses of the memory; and 
indicating in the table that the memory housing the information is at least one of read 
and write disabled. 

10. The method of claim 7, wherein the information is at least one of interrupt 
descriptor table, global descriptor table, and local descriptor table. 
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11. A computer readable program storage device encoded with instructions that, 
when executed by a computer, performs a method of providing security, comprising: 

identifying information for protection; 

indicating at least one physical address of a memory that houses the information as at 

least one of read and write disabled; 
receiving a request from a program to access the information; and 
accessing the information in response to determining that the program has the 

authority to access the information. 

12. The computer readable program storage device of claim 11, wherein indicat- 
ing at least one physical address of the memory includes: 

generating a table based on the physical addresses of the memory; and 
indicating in the table that the memory housing the information is at least one of read 
and write disabled. 

13. The computer readable program storage device of claim 12, wherein the table 
includes an entry specifying access rights to the information. 

14. The computer readable program storage device of claim 11, wherein the 
information is at least one of interrupt descriptor table, global descriptor table, and local 
descriptor table. 

1 5 . An apparatus, comprising : 

a memory comprising a privileged code, the privileged code capable of: 
receiving a request to protect selected information; 
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indicating at least one physical address of a memory housing the information 

as at least one of read and write disabled; 
receiving a request from a program to access the information; and 
accessing the information in response to determining that the program has the 

authority to access the information. 



16. The apparatus of claim 15, wherein the privileged code capable of indicating 
at least one physical address of the memory includes the privileged code being capable of: 
generating a table based on the physical addresses of the memory; and 
indicating in the table that the memory housing the information is at least one of read 
and write disabled. 



1 7. The apparatus of claim 1 5, wherein the program is an operating system. 

18. The apparatus of claim 15, wherein the information is at least one of interrupt 
descriptor table, global descriptor table, and local descriptor table. 

19. A system, comprising : 
a processor; and 

a memory coupled to the processor, the memory comprising a privileged code capable 
of: 

receiving a request to protect selected information; 

indicating at least one physical address of a memory housing the information 

as at least one of read and write disabled; 
receiving a request from a program to access the information; and 
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accessing the information in response to determining that the program has the 
authority to access the information. 

20. The system of claim 19, wherein the privileged code capable of indicating at 
least one physical address of the memory includes the privileged code being capable of: 

generating a table based on the physical addresses of the memory; and 
indicating in the table that the memory housing the information is at least one of read 
and write disabled. 

21 . The system of claim 1 9, wherein the program is an operating system. 

22. The system of claim 19, wherein the information is at least one of interrupt 
descriptor table, global descriptor table, and local descriptor table. 

23 . The system of claim 1 9, wherein the processor is an x86 processor. 

24. An apparatus for providing security, comprising: 
means for identifying information for protection; 

means for indicating at least one physical address of a memory that houses the 

information as at least one of read and write disabled; 
means for receiving a request from a program to access the information; and 
means for accessing the information in response to determining that the program has 

the authority to access the information. 
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